Vulnerabilities > Dell > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-12 CVE-2022-31228 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Xtremio Management Server 6.3.0/6.3.38
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability.
network
low complexity
dell CWE-307
critical
9.8
2022-09-02 CVE-2022-34371 Insufficiently Protected Credentials vulnerability in Dell EMC Powerscale Onefs
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability.
network
low complexity
dell CWE-522
critical
9.8
2022-09-01 CVE-2022-34372 Improper Authentication vulnerability in Dell Powerprotect Cyber Recovery
Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability.
network
low complexity
dell CWE-287
critical
9.1
2022-09-01 CVE-2022-34379 Improper Authentication vulnerability in Dell Cloudlink
Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability.
network
low complexity
dell CWE-287
critical
9.8
2022-08-30 CVE-2022-31232 OS Command Injection vulnerability in Dell Smartfabric Storage Software 1.0.0
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability.
network
low complexity
dell CWE-78
critical
9.8
2022-07-21 CVE-2022-31234 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell products
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI.
network
low complexity
dell CWE-307
critical
9.8
2022-07-11 CVE-2020-29506 Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.
network
low complexity
dell oracle
critical
9.8
2022-07-11 CVE-2020-29507 Improper Input Validation vulnerability in multiple products
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability.
network
low complexity
dell oracle CWE-20
critical
9.8
2022-07-11 CVE-2020-29508 Improper Input Validation vulnerability in multiple products
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability.
network
low complexity
dell oracle CWE-20
critical
9.8
2022-07-11 CVE-2020-35163 Use of Insufficiently Random Values vulnerability in multiple products
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability.
network
low complexity
dell oracle CWE-330
critical
9.8